SME Server:Documentation:FAQ
Frequently Asked Questions
This Section lists Frequently Asked Questions (FAQ) for SME 7. Problems many people run into installing SME 7 for the first time or upgrading to later versions are found here.
If your question isn't listed here, it's possible it's a Rarely Asked Question (RAQ), in which case you'll be better off searching for answers in Bugzilla.
Yum Updates
Which repositories should be enabled
You should have the following repositories enabled (blue)
CentOS - os CentOS - updates SME Server - addons SME Server - os SME Server - updates.
DO NOT enable SME Server - updates testing which is considered beta, unless
- it is a TEST server NOT a production server or
- you want to be part of a bug-testing group.
Additionally
- SME Server - test is considered alpha
- SME Server - dev contains automatically built rpms. It contains lots of experimental,
incomplete and mutually incompatible packages.
- For another way to reset the repositories to the default see AddingSoftware#Restoring_Default_Yum_Repositories
Reconfigure / post-upgrade and reboot
- When is a post-upgrade and reboot required?
The server manager yum installer has no way of determining whether any configuration files will change if all are re-expanded or to know which binaries have changed (or use libraries which have now changed) and therefore need to be restarted. The only safe option is to reconfigure and restart everything.
After clicking Reconfigure check the Status message and that the server does actually reboot. Rarely circumstances arise that prevent the reconfigure from triggering. If so run the following,
signal-event post-upgrade; signal-event reboot
Updating from SME 7.x to SME 7.2
See Updating_to_SME_7.2#Yum_Update
General
- Please Wait - Yum Running (prereposetup)
This means Yum is working out what updates are available. Occasionally such as when large sets of updates are released this could take 10+ minutes to complete
- Yum doesn't seem to be working correctly. What do I do now?
If for some reason you can't get yum to work correctly, try:
yum clean metadata or possibly 'yum clean all' yum update
- Fix for 'Metadata file does not match checksum'
Typical error message
http://apt.sw.be/fedora/3/en/i386/dag/repodata/primary.xml.gz: [Errno -1] Metadata file does not match checksum Trying other mirror. Error: failure: repodata/primary.xml.gz from dag: [Errno 256] No more mirrors to try.
To flush the up stream proxies, using wget, run:
wget --cache=off http://apt.sw.be/fedora/3/en/i386/dag/repodata/filelists.xml.gz wget --cache=off http://apt.sw.be/fedora/3/en/i386/dag/repodata/primary.xml.gz wget --cache=off http://apt.sw.be/fedora/3/en/i386/dag/repodata/repomd.xml yum update
- An unclean shutdown during a system update can put the system into a state where it's difficult to recover.
Try not to kick the power cord and use a UPS
- Where can I go to learn more about yum, and about how SME uses it?
AddingSoftware , man yum, http://linux.duke.edu/projects/yum/
Repositories Adding Removing Disabling
- What is the recommended way to add other yum repositories
The following code uses the dungog repository as an example and sets the status to disabled. The repository is configured to be used via the command line with the --enablerepo= option
db yum_repositories set dungog repository \ Name 'SME Server 7 - dungog' \ BaseURL 'http://sme.dungog.net/packages/smeserver/7.0/i386/dungog/' \ EnableGroups yes \ GPGCheck no \ Visible no \ status disabled
- How do I remove yum repositories
db yum_repositories delete repositoryname expand-template /etc/yum.conf
- How do I disable a repository to allow future use via command line with the --enablerepo= option
db yum_repositories repositoryname setprop status disabled expand-template /etc/yum.conf
Hardware Compatibility List
Maintaining a complete HCL is difficult, the following links will give a indication of hardware being used by SME Servers and upstream providers
Client Computers
- Samba trust relationships lost?
This is a possible bug with an upgrade from SME6. After an upgrade, local workstations cannot log in. If you are experiencing this problem, please have a look at this bug for a fix, and provide followup: [[1]]
- Windows XP Clients - Patch to logon to SME domain
This patch can be used when Windows XP clients won't be able to log on to the SME Server domain. The registry patch is located here: http://servername/server-resources/regedit/winxplogon.reg Double click on the winxplogon.reg file and the settings will be added to the Windows Registry.
- How to disable password caching on Windows 95/98/ME/2000 Clients?
This patch can be used if you don't want Windows clients to remember password for shared folders on SME Server. The registry patch is located here: http://servername/server-resources/regedit/win98pwdcache.reg Just double click on the win98pwdcache.reg file and the settings will be added to the Windows Registry.
Note Although the filename seems to indicate that this patch will only work for Windows 98, but it also works in Windows 95, Windows ME and Windows 2000.
- LDAP Directory Gives MAPI_E_CALL_FAIL Errors on Outlook 2002 or Outlook 2003
In Outlook 2002 or 2003 when someone tries to find a contact using the LDAP server, a message stating that "Unavailable critical extension" and then a second message saying "The search could not be completed. MAPI_E_CALL_FAIL" shows up and nothing shows up from the search. The directory works beautifully in Thunderbird 1.5 as well as Outlook 2000, but not 2002 or 2003. More information can be found here:[[2]] [[3]]
- Where is the netlogon directory?
The netlogon directory is located on the SMESERVER at: /home/e-smith/files/samba/netlogon It can also be found by a client computer at: \\servername\netlogon
Web Applications
- chmod 777
Using 777 is always wrong (despite the fact that many howtos recommend it). 0770 is sufficient, as long as www is a member of the group owning the directory, and is safer.
Use chown www /path/to/dir
and preferably put your app in /opt/app not in an ibay
- Generic Instructions for Installing a Web Application
http://wiki.contribs.org/Generic_WebApp_rpm
- Wasn't mod_perl installed in previous versions? How do I install it?
It may have been, but it was not used so it is no longer included. If you do want to install it do the following:
Note The commands on a linux shell are case-sensitive, this means that Capital is not the same as capital.
yum install mod_perl config setprop modPerl status enabled signal-event post-upgrade ; signal-event reboot
- The directory structure is visible. How do I disable indexes in ibays?
SME Server 6.0, 6.0.1, and 6.5 all had the following for the ibays/html directory - "Options Indexes Includes". This would indicate that indexes were allowed for html directories. In SME Server 7.0 this is made a parameter and it defaults to enabled to be compatible with SME Server releases before SME Server 7.0 installations.
To disable indexes for an ibay in SME Server 7.0 do the following:
db accounts setprop //ibayname// Indexes disabled signal-event ibay-modify //ibayname//
This issue was first reported here: [[4]]
- I need to create (or install) a PHP application that needs access to the /tmp directory.
db accounts setprop ibayname PHPBaseDir /tmp/:/home/e-smith/files/ibays/ibayname/ signal-event ibay-modify ibayname
By default if you have PHP code in an IBAY, it can only run in that IBAY. The above commands will allow PHP code in the IBAY to run outside of its installed directory.
Here is a list of all the IBAY specific settings
Reset the root and admin password
1. Restart your server and at the beginning of the boot-up use the arrow keys to select the kernel you would like to boot into.
2. Press A , to allow you to append parameters to your grub boot settings.
3. Be careful not to change anything, only add the following after the A (Be sure to put a space before single):
single
4. Press enter. you will be presented with a prompt.
5. At this prompt type the following two commands (each followed by a return). You will be asked to provide a new password. Reset both your root and your admin password and set them to the same value:
passwd root passwd admin
Reboot your server and everything should be okay now.
File Size Limitations
- Apache, the web server can only transfer or show files under 2G
- Backup to USB Disk
FAT32 only supports file size of <4GB. It is recommended that you format your external usb drives to ext3.
Domains
- When I create a DOMAIN, I don't see anything listed in the HOSTNAMES AND ADDRESSES panel for that DOMAIN.
For a domain to be effective (for email or web), it needs to be configured as INTERNET DNS SERVERS (this is the default value). Since the domain resolves via INTERNET DNS SERVERS, no hostnames or addresses are created locally. For more info please visit the Administration Manual section regarding Domains: [[5]]
Proxy Pass
- I want to pass some http requests to a server behind my SME Server or external to my site, how can I do this?
You can set a ProxyPass directive that will pass certain requests to an internal or external server that hosts the domain to be proxypassed
db domains set proxypassdomain.com domain Nameservers internet db domains setprop proxypassdomain.com ProxyPassTarget http://xxx.xxx.xxx.xxx/ db domains setprop proxypassdomain.com TemplatePath ProxyPassVirtualHosts signal-event domain-create proxypassdomain.com
where proxypassdomain.com is the domain name hosted on the internal or external server and http://xxx.xxx.xxx.xxx/ is the IP address of the internal or external server eg 192.168.1.20 or 122.456.12.171 (it must be the publicly accessible IP if an external server)
Shell Access
- I need to give a user shell access to the SMESERVER.
Shell access should only be provided to users who have a *need* for it and can be trusted. You can enable shell access for a user by:
db accounts setprop username Shell /bin/bash chsh -s /bin/bash username
- Improve user remote shell cosmetics
Create a .bash_profile file for the user in ~
# include .bashrc if it exists if [ -f ~/.bashrc ]; then source ~/.bashrc fi
Upgrading Server
- What's the best way to upgrade to a new server ?
An article is written for this subject. Please visit: http://wiki.contribs.org/UpgradeDisk
Changing maximum Ibay, Account or Group name length
- How do I change the default maximum (12 characters) name length of an I-Bay, account or group?
Enter following command on the console as root:
/sbin/e-smith/db configuration set maxIbayNameLength xx /sbin/e-smith/db configuration set maxAcctNameLength xx /sbin/e-smith/db configuration set maxGroupNameLength xx
where 'xx' is the new size e.g. 15.
Followed by:
/sbin/e-smith/signal-event console-save
Deletion of Users Ibays Groups
- I can't delete & create a user for some reason. What do I do now?
If for some reason you can't delete & create a user, then first do:
signal-event user-delete <username> db accounts delete <username>
- I can't delete & create a ibay for some reason. What do I do now?
If for some reason you can't delete & create a ibay, then first do:
signal-event ibay-delete <ibayname> db accounts delete <ibayname>
- I can't delete & create a group for some reason. What do I do now?
If for some reason you can't delete & create a group, then first do:
signal-event group-delete <groupname> db accounts delete <groupname>
- I was looking in the home directory of a user and I see a hidden directory called ".junkmail". Do I need that? Can I delete it?
Don't remove or rename .junkmail folders.
Password Strength Checking
- How can I change password strength & what do the strength settings mean?
The following settings are available to specify the password strength on SME Server:
setting | explanation |
---|---|
strong | The password is passed through Cracklib for dictionary type word checking as well as requiring upper case, lower case, number, non alpha and a mimimum length of 7 characters. |
normal | The password requires upper case, lower case, number, non alpha and a minimum length of 7 characters. |
none | The password can be anything as no checking is done.
Please note that "none" does not mean no password, it just means no password strength checking, so you can enter any (weak) password you want as long as it is at least 7 characters long. |
To set password strength do:
config setprop passwordstrength Admin strengthvalue config setprop passwordstrength Users strengthvalue config setprop passwordstrength Ibays strengthvalue
where strengthvalue is one of the entries listed in the table above.
e.g.
config setprop passwordstrength Users normal
To review the current settings do:
config show passwordstrength
which should display something like:
passwordstrength=configuration Admin=strong Ibays=strong Users=strong
References:
Hard Drives, RAID's, USB Hard Drives
- How should I setup my hard-drives?
We never recommend anything other than a single disk install or multiple disks of the same type. Anything else and you are following an unrecommended setup and you will need to navigate for yourself. Repeat, we never recommend anything other than a single disk install or multiple disks of the same type. If you're thinking of doing anything else (setup your own partitions), read this section again.
- How should I setup my RAID?
A full article on RAID is found here: [[6]]
- I want to use a hardware RAID. What do you suggest?
Please see the notes in the RAID article: [[7]]
- I'm installing a RAID 5 but it seems to take a long time. Is there something wrong?
RAID 5 systems (those with 3+ disks) can take a long time during and after the install for everything to sync. Reportedly, it takes almost 2 hours before the disks finally finish syncing on 4 X 80GB disks.
- If I boot my SMESERVER with a USB hard drive attached, it recognizes the drive. However, after unplugging the drive, then replugging, it no longer exists. Any ideas why?
Reportedly, some external usb hd's must be completely powered up before connecting the usb cable.
- If I boot my SMESERVER with a USB hard drive attached, it doesn't recognize the drive. Any workarounds for this?
Some USB drives need to be plugged twice into the server to be recognized.
Recovering SME Server with lvm drives
Let’s try starting the raid and see what we get:
mdadm -E /dev/sdb1
What “mdadm -E /dev/sdb1” command shows it is a part of a raid array, what level, how many members, etc.
user@user-desktop:/mnt$ mdadm -E /dev/sdb2 /dev/sdb2: Magic : a92b4efc Version : 00.90.00 UUID : 550e0406:c9ce50d2:825b32e4:4a9d3549 Creation Time : Sat Sep 8 12:15:29 2007 Raid Level : raid1 Used Dev Size : 1991936 (1945.58 MiB 2039.74 MB) Array Size : 1991936 (1945.58 MiB 2039.74 MB) Raid Devices : 2 Total Devices : 1 Preferred Minor : 2 Update Time : Sat Sep 8 12:22:05 2007 State : clean Active Devices : 1 Working Devices : 1 Failed Devices : 1 Spare Devices : 0 Checksum : 22e3837f - correct Events : 0.991 Number Major Minor RaidDevice State this 0 8 2 0 active sync /dev/sda2
0 0 8 2 0 active sync /dev/sda2 1 1 0 0 1 faulty removed user@user -desktop:/mnt$
With it being a raid 1 we only need 1 member to start it.
You can also use any md device to assemble the array. You need to make sure you are using an md device that isn't already in use, to check what isn’t being used type:
cat /proc/mdstat
So we have now found which md device we can use and for our example we will use “md8”
What we will do now is assemble and run the array:
mdadm -AR /dev/md8 /dev/sdb2
If you have multiple arrays you will need to assemble and run:
mdadm -AR /dev/md8 /dev/sdb2 /dev/sdd2 /dev/sde3
Now see if the array is assembled:
user@user-desktop: ~$ lvs LV VG Attr LSize Origin Snap% Move Log Copy% root main -wi-ao 1.53G swap main -wi-a- 320.00M user@user-desktop: ~$
To activate all known volume groups in the system:
user@user-desktop:~$ vgchange main -a n 0 logical volume(s) in volume group "main" now active user@user-desktop:~$ vgchange main -a y 2 logical volume(s) in volume group "main" now active
user@user-desktop:~$
Now we should be able to mount the drive:
user@user-desktop:~$ mount /dev/main/root /mnt/oldsmeserver/ user@user-desktop:~dev$
Looking good so let’s show where our files are:
user@user-desktop:~$ cd /mnt/oldsmeserver/ user@user-desktop:/mnt/oldsmeserver$ dir aquota.group boot etc lib mnt proc selinux sys var aquota.user command home lost+found opt root service tmp bin dev initrd media package sbin srv usr user@user-desktop:/mnt/oldsmeserver$
Now you have successfully assembled your array and able to recover your data.
Backups & Restores
- AIT-1 Backup: buffer unreliable
An AIT-1 is unreliable if used with variable block size. Set the setting
config setprop flexbackup TapeBlocksize 512
AIT-2, DAT and LTO seem to work well with variable block size.
- Slow tape backup performance may be improved by changing Flex backup settings
config setprop flexbackup Blocksize 256 config setprop flexbackup BufferMegs 16
- In the ADMIN CONSOLE, there is an option to BACKUP TO USB but there are no restore options.
The RESTORE option is only visible on a new install. If you missed this during install, you can
config set PasswordSet no signal-event post-upgrade; signal-event reboot
During reboot reconfiguration process you should see the new restore via USB backup option.
-NOW plug in the usb drive (Do not plug in the usb drive until you reach this point). -pick YES or RESTORE (or whatever is presented to you)
Supervised Services
- Many services on SME are supervised, to see which are type
ps ax |grep runsv
To control them read the sv manual
man sv
- it seems that "sv u http-e-smith" gives no errors, even if the service fails to restart, so you need to use "sv s httpd-e-smith" to check if it fails (example: due to a httpd.conf error)
This is just the way that runsv (part of the runit package) works. The "sv u http-e-smith" only sends a message to runsv saying that we want the service to be up. runsv then will keep trying to get the service running.
Server-Manager
- I can't access the server-manager. What do I do now?
There are many reasons why you wouldn't be to access the server-manager. First try:
signal-event post-upgrade; signal-event reboot
If you still can't access, there are reports that a certificates mis-match might have occurred after update. In that case:
rm /home/e-smith/ssl.key/*.key rm /home/e-smith/ssl.pem/*.pem rm /home/e-smith/ssl.crt/*.crt signal-event domain-modify; signal-event reboot
- I used to access the SERVER-MANAGER with localhost:980 remotely via SSH tunnel and now I can't. What happened?
This feature has been deprecated a long time and finally removed in V7.2
If you really want to use this then forward 443 to localhost:443 and then use https://localhost/server-manager/
Booting with SMP kernel after upgrade to version 7.2 from CD
- I've upgraded and now the SMP kernel isn't available.
This is because when upgrading to 7.2 from CD, kernel modules are missing for SMP IF the output of "cat/proc/cpuinfo" does not show multiple processors. The SMP kernel, if not present, can be installed via yum using: Do:
yum install kernel-smp kmod-ppp-smp kmod-slip-smp kmod-appletalk-smp signal-event post-upgrade signal-event reboot
Details: http://bugs.contribs.org/show_bug.cgi?id=3095
- I'm getting a kernel panic after upgrade from CD. What do I do now?
When upgrading with a CD, the upgrade will rewrite the grub.conf file. As a result, any additional boot arguments (i.e. acpi=off) will be lost during upgrade. Please edit the grub.conf file.
Special Characters
- I get strange characters & letters when look at my file names.
If you get filenames that look like: "éèÃ.txt" It's most likely because the SME server isn't understanding special characters you may be using. You can change it to understand special characters in filenames by:
db configuration setprop smb UnixCharSet ISO8859-1 expand-template /etc/smb.conf /etc/init.d/smb restart
Log Files & Messages
Firewall